News from the Editor

Cross scripting security fixes in version 2.0 beta

Development team found and removed serious security issue in current version 2.0beta. Because of lack of input data validation the system was vulnerable tocross scripting attacks. This is not big issue when FA is used in trustedcompany environment, but in demo installation the security hole can be sourceof troubles for potential visitor.

All needed fixes to seal Front Accounting 2.0 beta against XSS attacks have beendone and are available from CVS server. Every administrator of publiclyavailable FA 2.0 demo is strongly encouraged to upgrade to current CVS version.